devlug.de is a Fediverse instance that uses the ActivityPub protocol. In other words, users at this host can communicate with people that use software like Mastodon, Pleroma, Friendica, etc. all around the world.
This server runs the snac software and there is no automatic sign-up process.
I'm aware of the terms #whitewashing, #greenwashing, and #pinkwashing.
How do we call what #BS is doing? #fedwashing? But fed is not a colour 🤷
In which I claim that a few annoying #Fediverse problems (and ATproto too) could be solved by using URI schemes the way they’re designed to be used: https://www.tbray.org/ongoing/When/202x/2025/04/16/Decentralized-Schemes
Thanks @grunfink@comam.es for the #snac server, @stefano@bsd.cafe for the blog posts that pointed me to it, @voron@snac.nya.pub for the theme and @manton@manton.org for motivating me with your book
I've got a quick favour to ask. If you're reading this post on Mastodon (or the Fediverse), please click share.
How come?
I recently moved across to my own self-hosted single-user server (using GoToSocial.org). For a bunch of reasons, including visibility across the Fedi, it would really help out.
Am 6. Mai veranstalten wir gemeinsam mit @wikimediaDE und dem @bmuv den online-Workshop
📣 Das #Fediverse und seine sozialen Medien.
Mit @nic , @melaniebartos , @MoniKa , @digitalcourage , @cyber4EDU und @RoedigerRG wird das dezentrale Netzwerk 🕸️ vorgestellt und ganz praktisch in die Nutzung von #Mastodon, #PeerTube und #Pixelfed eingeführt.
Anmeldung hier
👉 https://www.bmuv.de/veranstaltung/teil-1-der-workshopreihe-sovereign-sustainable-digital-das-fediverse-und-seine-sozialen-medien
I know that title might seem controversial, so let's dive in. Right now, here’s the landscape of federated protocols:
Ultimately, that leaves us with ActivityPub. Everything else either lacks widespread adoption, doesn’t support common social media scenarios, or is effectively proprietary despite being open-source. For those who prioritize open-source solutions, ActivityPub is essentially the only viable option.
While I’m about to critique ActivityPub extensively, it undeniably has strong points:
Most issues with ActivityPub stem from one critical flaw: much of its behaviour is undefined. The core types and activities allow interactions that make little practical sense. For instance, the Like
activity should be simple—you like something. But, in ActivityPub, you can "like" another Like
activity, creating infinite loops of nonsensical interactions.
This flexibility leads to a significant problem: no two implementations behave identically. Developers resort to hacks and guesswork to interpret undefined behaviour. Ideally, ActivityPub would strictly define interactions for core types, enabling implementations (Mastodon, Lemmy, Pleroma, etc.) to focus solely on presentation or extending functionality, knowing basic interactions remain consistent across platforms.
A practical example is the confusion around private messages. Two competing methods have emerged: a custom ChatMessage
type not officially supported by ActivityPub (used by Lemmy, Pleroma and others), and an alternate "standard" using a Note
object that excludes the public audience but explicitly mentions recipients (used by Mastodon and others). This ambiguity creates compatibility nightmares.
Another example I personally encountered was a frustrating issue while implementing ActivityPub for this blog: updating a post propagated to Lemmy but not Mastodon. Despite the Update
activity being accepted, Mastodon silently rejected it unless the updated
timestamp changed—a logical but unofficial requirement. Developers must track down subtle implementation details that aren't formally documented, significantly complicating adoption and usage.
Privacy is virtually non-existent. When another server federates with yours, it receives all public activities, which might seem harmless initially. However, what happens if you mistakenly share sensitive information publicly? In theory, deleting a post propagates across the network, but real-world scenarios vary greatly—from technical glitches to outright malicious actors ignoring delete requests. Ensuring robust privacy requires substantial protocol-level changes, such as introducing end-to-end encryption—something notoriously complex to implement, as evidenced by Matrix’s struggles.
Another significant flaw is impersonation vulnerability. ActivityPub itself has no built-in authentication mechanism, meaning anyone could theoretically impersonate any user. Although most implementations use the HTTP Signatures standard to address this, ActivityPub itself remains incomplete in terms of essential security features. The standard openly acknowledges:
Unfortunately at the time of standardization, there are no strongly agreed upon mechanisms for authentication.
ActivityPub, particularly its vocabulary rules (ActivityStreams), remains a half-finished protocol. Its effectiveness depends heavily on individual implementation choices, creating problematic discrepancies—such as the inability to reliably send private messages between Mastodon and Lemmy users. Moreover, simple human errors or software oversights can unintentionally expose private information, as recently demonstrated when new Fediverse software mishandled Mastodon-style private messages and displayed them publicly.
The solution? ActivityPub needs a clearly defined second iteration—an ActivityPub v2—that eliminates ambiguity, standardizes behaviour strictly, and provides essential security measures. Certain issues, especially privacy, may never be fully resolved within the protocol, but increased clarity and stricter rules would significantly mitigate existing risks.
This doesn’t mean we should abandon ActivityPub, but rather, we must work collectively to standardize it further, making it more secure and less error-prone.
What are your thoughts on ActivityPub? Have you developed something using it? Are you planning to? Let me know in the comments!
Kommt Leute, helft mit! Lasst eine Welle durch das #Fediverse rauschen. Alle mal #Teilen und (viel davon) Umsetzen! 👇
#UnplugTrump zeigt, wie man sich digital von Trump und Tech-Oligarchen abkoppelt – für Datenschutz, Demokratie und eine gerechtere digitale Zukunft.
https://www.kuketz-blog.de/unplugtrump-mach-dich-digital-unabhaengig-von-trump-und-big-tech/
Am 6. Mai veranstalten wir gemeinsam mit @wikimediaDE und dem @bmuv den online-Workshop
🥁 🥁 Das #Fediverse und seine sozialen Medien.
Mit @nic, @melaniebartos, @MoniKa, @digitalcourage, @cyber4EDU, und @RoedigerRG wird das dezentrale Netzwerk 🕸️ vorgestellt und ganz praktisch in die Nutzung von #Mastodon, #PeerTube und #Pixelfeld eingeführt.
Anmeldung hier
👉 https://www.bmuv.de/veranstaltung/teil-1-der-workshopreihe-sovereign-sustainable-digital-das-fediverse-und-seine-sozialen-medien
@bfdi ich lese daraus das unter der neuen Leitung das social media Team nicht mehr genug Menschen besitzt.
Und vielleicht ist es ja auch ein gute Idee wenn die aktuelle Chefin hier schreibt?
Wünschen würden es sich das hier glaube ich vielle.
Wertes @bfdi in der Pressekonferenz hat Prof. Dr. Louisa Specht-Riemenschneider geäußert sie will den #datenschutz besser vermitteln.
Wie passt das mit dem einschlafen der Öffentlichkeitsarbeit hier im #fediverse zusammen.
Es wäre glaube ich sehr hilfreich sich wieder mehr ein zu bringen.
Der Tag wo hier rede und Antwort gestanden wurde war ein guter Anfang davon. Seit dem ist aber wieder zu sehr Ruhe.
Digitale Zeitenwende im Kulturmagazin Aspekte - #unfollowBigTech
In der neuen Ausgabe werden zum ersten Mal vorsichtig die Worte @pixelfed und #fediverse fallen gelassen und als radikale These, man könne mehr analog machen und auch so etwas gegen BigTech unternehmen.
https://www.zdf.de/video/reportagen/aspekte-106/trump-demokratie-usa-musk-100
it used to be that the #fediverse was kind of empty and boring and people i knew were not there. now i have the inverse problem: it's a social media that's *too* interesting and distracts me from work. #mastodon, can you suck a little more please so i can get shit done? #kthxbye
🌍 Offene digitale Infrastrukturen für mehr Resilienz & Nachhaltigkeit!
Big Tech dominiert – doch es gibt Alternativen! In unserer neuen Workshopreihe mit dem @bmuv & dem @neuSoM erkunden wir das Fediverse, nachhaltige digitale Lösungen & Freies Wissen.
📆 Auftakt: 09.04.2025, 14:30–17:00 Uhr (online)
🎤 Mit Inputs zu Dominanz von Big Tech, Digital Services Act & Plattformalternativen.
➡️ Info & Anmeldung: https://www.bmuv.de/themen/digitalisierung/community-nachhaltige-digitalisierung
Herzlichen Glückwunsch! 🎉 Denn wenn du das hier lesen kannst, hast du sehr vieles richtig gemacht. Das unabhängige #Fediverse geht aber noch weit über Mastodon hinaus. In unserem kurz&mündig Band 16 erfährst du mehr über das dezentrale Social-Media-Universum
Band 16 der Reihe kurz&mündig
Autor.innen: Leena Simon 🔗 muendigkeit.digital und Christian Pietsch
A6, 28 Seiten, ISBN 978-3-934636-45-3
5 Euro, https://shop.digitalcourage.de
#digitalcourage #kurzundmündig #kum #wissenfürdiehosentasche #digitalmündig #datenschutz #freiheit #freedom #humanrights #privacy #security #grundrecht
I have a #Mastodon feature request. Could there please be a specialized emoji for the #XMPP logo? To put it beside one's name? It can draw attention to an XMPP "Chat ID" that one has put in one's Mastodon profile. Similarly, it would make sense to also have emojis for the #Deltachat logo, #Matrix logo, etc. Basically, every other #OpenSource federated network (#Pixelfed? #Peertube?) would likewise deserve an emoji.
This is so that Mastodonians can draw attention to the accounts they have on other #Fediverse servers. It's a visual cue, right by their names, inviting others to tap/click their avatars/names, and have a look at their profile, where further contact info could be presented. It would encourage people to use Federated services more, then display their involvement to others.
Hello #fediverse,
we are #Senfcall and we are #hosting #privacy-friendly #BigBlueButton #videoconferences.
Free as in #freedom AND #free as in beer. (donations are welcome)
You don't even have to register an account (unless you need persistent rooms). Just visit https://senfcall.de/en/ - klick on "start meeting", enter meeting name (password optional), press "start" enter your name and have fun senfing. The call-invite link you find at the top of the chat.
Ückück und das Fediverse: Was bleibt privat?
Soziale Netzwerke dienen für viele als Möglichkeit, sich über die kleinen und großen Themen des Alltags auszutauschen. Doch über welche Themen sollte lieber zweimal nachgedacht werden, bevor über sie öffentlich im Internet diskutiert wird?
#Fediverse #Privatsphäre #Datenschutz #Kolumne #ÜckückUndDasFediverse #Linux
@adamsdesk.com @tldr_pages 🚀 Exciting news! Our project got a mention in Adam’s latest post: https://www.adamsdesk.com/posts/discover-fediverse-love-your-neighbour/ about the #Fediverse and #digitalsovereignty.
He explores why decentralization matters and highlights projects working toward a more open, privacy-respecting internet.
🌍🔓💡Check it out and join the conversation! #Privacy #OpenSource